CB Sd-Wan 1093

Citrix CloudBridge SD-WAN
Lab Exercises
Worldwide Product Readiness
April 1, 2016
Prepared by: Christopher Rudolph
Authors
The following authors contributed to the creation of this deliverable.
Citrix
Christopher Rudolph
851 W. Cypress Creek Rd.
Ft. Lauderdale, FL 33073
Phone: (954) 267-3076
christopher.rudolph@citrix.com
Shoaib Yusuf
4988 Great America Pkwy
Santa Clara, CA 95054
Phone: (408) 790-8392
shoaib.yusuf@citrix.com
Revision History
Revision
Change Description
Updated By
Date
1.0
New Lab Guide
Christopher Rudolph
7/13/2015
1.1
SME Feedback Incorporated
Christopher Rudolph
7/21/2015
1.2
GA 8.1 VPX w/ VIRTUAL

WAN Center
Shoaib Yusuf
11/5/2015
1.3
Inline Mode, additional

exercises
Shoaib Yusuf
02/01/2016
1.4
9.0 release exercises
Shoaib Yusuf
03/15/2016
1.5
Tech Preview CB 9.0

release
Shoaib Yusuf
04/01/2016
citrix.com
Training Overview ................................................................................................................. 4

Training Overview ..........................................................................................................................5
Lab Environment Details .................................................................................................................6
Lab Scenario ...................................................................................................................................8
Module1: CloudBridge Virtual WAN Configuration ................................................................. 9

Exercise 1: Datacenter CloudBridge Virtual WAN Configuration ..................................................... 11
Exercise 2: Remote CloudBridge Virtual WAN node Configuration .................................................. 35
Exercise 3: Finalizing the Virtual WAN Configuration...................................................................... 51
Module2: CloudBridge Virtual WAN Provisioning ................................................................. 56

Exercise 4: Provision the MCN Using the Saved Configuration File .................................................. 57
Exercise 5: Applying the Configuration to the Remote Appliance.................................................... 67
Module3: CloudBridge Virtual WAN Customization .............................................................. 76

Exercise 6: Customization of the Rules and Classes ........................................................................ 77
Exercise 7: WAN Link Bonding/Aggregating Using iPerf .................................................................. 89
Exercise 8: Solving Congestion using CloudBridge Virtual WAN QoS ............................................. 100
Module4: CloudBridge Virtual WAN Upgrade ..................................................................... 107

Exercise 9: Upgrade Procedure .................................................................................................... 108
Module5: CloudBridge Virtual WAN Virtual WAN Center ................................................... 115

Exercise 10: Introduction to Virtual WAN Center ......................................................................... 116
Exercise 11: Upgrade Virtual WAN Center ................................................................................... 123
Exercise 12: Use Virtual WAN Center to calculate MOS ................................................................ 126
Module6: CloudBridge 9.0 Release..................................................................................... 133

Exercise 13: Introduction to CloudBridge 9.0 Metered Links ......................................................... 134
Exercise 14: Introduction to CloudBridge 9.0 IPsec Protected Virtual Paths................................... 140
Exercise 15: Introduction to CloudBridge 9.0 Path State Sensitivity Control .................................. 148
Exercise 16: Introduction to CloudBridge 9.0 MPLS Queues .......................................................... 156
Lab Guide Appendices ....................................................................................................... 168

Appendix A: Additional Resources and Information ..................................................................... 169
citrix.com
Training Overview
citrix.com
Training Overview
Objective
In the following lab exercises, you will learn how to configure and deploy a Citrix CloudBridge SD-WAN
environment. You will also be introduced to the Virtual WAN Center configuration and monitoring tool.
Required Prerequisites
Basic knowledge of WAN networking and Citrix CloudBridge functionality.
Audience
Target
Citrix Internal Sales Engineers
Citrix Internal Consultants
Citrix Internal Technical Support
Partners
Lab Guide Conventions

Indicator Purpose
This symbol indicates particular attention must be paid to this step
Special note to offer advice or background information
reboot
Start
Text the student enters or an item they select is printed like this
Bold text indicates reference to a button or object
Focuses attention on a particular part of the screen (R:255 G:20 B:147)
Shows where to click or select an item on a screenshot (R:255 G:102 B:0)
citrix.com
Lab Environment Details

The CloudBridge SD-WAN environment consists of a single remote office communicating with a single
data center through the CloudBridge Virtual WAN Solution. In this lab, the entire environment is laid out
all on the same XenServer hypervisor. CloudBridge virtual machines (CB-VPX) instead of physical
appliances are being utilized to provide the link aggregation/bonding ability between two WAN emulators,
representing a low bandwidth MPLS and high bandwidth Internet WAN link.
Virtual Machines
VM Name
Data IP
Address
Management
IP Address
Description
AD.training.lab
172.16.10.20
192.168.10.11
Domain Controller, DNS
DC_CB_vWAN
172.16.10.1
192.168.10.20
Data Center CloudBridge VIRTUAL WAN VPX
DC_INET_Router
172.16.20.1
192.168.10.252
Vyatta Router
DC_MPLS_Router
172.16.30.1
192.168.10.251
Vyatta Router
DC_LAN_Router
172.16.10.1
CB_vWAN_Center
n/a
192.168.10.15
Central Management for VIRTUAL WAN
INET_WANem
n/a
192.168.20.2
WAN Emulator
MPLS_WANem
n/a
192.168.30.2
WAN Emulator
Remote_CB_vWAN
172.17.10.1
192.168.10.25
Remote CloudBridge VIRTUAL WAN VPX
Remote_Client
172.17.10.10
192.168.10.55
Windows 8.1 Professional
Remote_INET_Router
172.17.20.1
Vyatta Router
Remote_MPLS_Router
172.17.30.1
Vyatta Router
iPerf
172.16.10.21
192.168.10.50
TCP Traffic Generator/Analyzer
Video_FTP
172.16.10.22
192.168.10.45
Windows Server 2012 R2 | FileZilla Server
VDA
172.16.12.10
192.168.10.35
Windows 8.1 Professional | XenDesktop 7.6 VDA
XenDesktop
172.16.11.10
192.168.10.30
Windows Server 2012 R2 | XenDesktop 7.6 Delivery

Controller/StoreFront Server
Vyatta Router
Credentials
User Name
Password
Description
Training\Administrator
Citrix123
Domain Administrator
Training\User1
Citrix123
Standard User
Training\User2
Citrix123
Standard User
admin
password
CloudBridge Virtual WAN
citrix.com
citrix.com
Remote_Client
eth0: 172.17.10.10
eth1: 192.168.10.55
(Temp\Password1)
(CitrixAdmin\Citrix456)
Remote_LAN
.1
172.17.10.X
eth3: 172.17.20.2
eth2: 172.17.10.1
eth1: 172.17.30.2
eth0: 192.168.10.25
Remote_CB_vWAN
(Gateway Mode)
.2
.1
eth0: 192.168.30.3
eth1: 172.17.30.1
Remote_MPLS_Router
eth0: 192.168.20.3
eth1: 172.17.20.1
Remote_INET_Router
MPLS_Remote_Rtr_CB_vWAN
.1
172.17.30.X
.2
INET_Remote_Rtr_CB_vWAN
172.17.20.X
INET_WANem
Management | 192.168.10.X
br0: 192.168.30.2
MPLS_WANem
br0: 192.168.20.2
(root/Citrix123)
eth0: 192.168.30.1
eth1: 172.16.10.1
eth2: 192.168.10.251
DC_MPLS_Router
eth0: 192.168.20.1
eth1: 172.16.20.1
eth2: 192.168.10.252
DC_INET_Router
INET_DC_Rtr_CB_vWAN
172.16.20.X
MPLS_DC_Rtr_CB_vWAN
.2
172.16.10.X
.1
.1
eth3: 172.16.20.2
eth1 & eth2: 172.16.10.2
eth0: 192.168.10.20
DC_CB_vWAN
(Inline Mode)
.2
.2
.254
DC_LAN
172.16.10.X
DC_LAN_Router
DC_LAN_3
172.16.12.X
DC_LAN_2
172.16.11.X
XenDesktop
Win_8_VDA
eth0: 172.16.11.10
eth1: 192.168.10.30
(Administrator/Citrix456)
eth0: 172.16.12.10
eth1: 192.168.10.35
TRAINING\Administrator (Citrix123)
.\CitrixAdmin (Citrx456)
eth0: 172.16.10.254
eth1: 172.16.11.1
eth2: 172.16.12.1
eth1: 192.168.10.45
eth0: 172.16.10.22
Video_FTP
eth0: 172.16.10.21
eth1: 192.168.10.50
(root/password)
iPerf
eth0: 172.16.10.20
eth1: 192.168.10.11
AD_DNS
eth0: 192.168.10.15
Virtual WAN Center
M
a
n
a
g
e
m
e
n
t
Dev_Desktop
eth0: Private bond0

eth1: Public bond1
eth2: 192.168.10.1
Router
eth0: 192.168.10.10
(studentdesktop\localuser (10ca1us3R)
Student_Desktop
eth0: 192.168.10.250
Topology
Get a closer look at the topology: https://citrix.sharefile.com/d-s0042c4e9b1d4acc9
Lab Scenario
You are the Network Administrator for a large enterprise business called QWERTY Logistics. You have
been tasked with introducing CloudBridge Virtual Appliance appliances to provide load balancing ability
between your current active MPLS WAN Link and your current standby Internet (INET) WAN link. With
the help of CloudBridge Virtual WAN you are expected to bring the INET link from a standby state into an
active state to make full use of the extra inexpensive bandwidth for application delivery from your
datacenter. The remote site users must have access to all applications located in the data center and
they need more inexpensive bandwidth that the CloudBridge Virtual WAN devices will provide by
leveraging inexpensive internet links. The CloudBridge solution is expected to provide similar servicelevel agreements (SLA) and secured application delivery which can typically be found with expensive
MPLS WAN circuits.
You will first run through the configuration process of the datacenter CloudBridge Virtual WAN appliance.
Next, you will add a remote site and run through the configuration process for the remote site
CloudBridge Virtual WAN appliance.
Finally, you will test the new Virtual WAN environment by altering the speed of the WAN links, using the
WAN emulator console to showcase the three key tenants of Virtual WAN; Always On Branch,
Aggregation of WAN Links, and Application optimization.
Please take note that the CloudBridge SD-WAN portfolio consists of 3 different editions:
WAN Optimization Solution

Virtual WAN Solution
Enterprise Edition
The foundation of the CloudBridge SD-WAN solution is the Virtual WAN Solution, allowing for multiple
WAN links to be utilized as one. On top of that environment, you can easily add on WAN Optimization
capabilities by leveraging additional WAN Optimization appliances or utilizing the Enterprise Edition which
adds the same ability on a single chassis dedicated to reducing the hardware footprint for the branch
office locations. This lab walks you through building that foundation with CloudBridge Virtual WAN
Solution.
citrix.com
Module1: CloudBridge Virtual

WAN Configuration
citrix.com
Module Overview
This module will lead you through the configuration of the CloudBridge Virtual WAN virtual
machines.
Please take special note that this environment leverages the CloudBridge VPX which
does not have fail-to-wire capabilities. Only the physical CloudBridge appliance have
fail-to-wire capabilities and are recommended to be deployed Inline Mode. With the
limitation of no fail-to-wire capabilities on the VPX you can still deploy in Inline Mode, but
the recommendation would be to deploy VPX in Virtual Inline Mode (Policy Based
Routing). Alternatively, VPX can also be deployed in Gateway Mode which enables Layer
3 capabilities on the CloudBridge, making the CloudBridge the default gateway for its
respective site. Please reference the Citrix Knowledge Base articles for familiarity with other
deployment modes, those being most commonly deployed PBR Mode and Transparent Inline
Mode with fail-to-wire capabilities. Links can be found in the appendix section of this Lab
Guide.
It is critically important that before configuring the CloudBridge Virtual WAN appliance for any
environment, you complete the following pre-requisites:
1. Create the desired network topology
2. Identify the deployment mode and obtain all IP address for both the management plane
and the data plane
This has been done already for you for the following lab exercises. The network topology link
can be found in the appendix section of this Lab Guide. Please keep the topology nearby as a
reference in understanding the build-out of the configuration.
citrix.com
10
Exercise 1: Datacenter CloudBridge Virtual WAN

Configuration
Overview
The datacenter CloudBridge Virtual WAN will be configured first. This device is required to be
enabled as a Master Control Node, or MCN. The MCN is the central node for all remote
appliances. All configuration work, even for the remote site appliances, is completed on the
MCN using the Configuration Editor tool. This provides a central point for all configuration and
allows the configuration changes and software upgrades to be pushed out to all the remote
CloudBridge devices that will participate in the Virtual WAN environment.
NOTE: We will deploy the VPX in Inline Mode, but please note that VPX does not have fail-towire capabilities. In a live production environment if Inline Mode is desired a physical appliance
is recommended.
In this exercise you will:
Configure the datacenter CloudBridge Virtual WAN virtual appliance as the Master
Control Node and perform basic appliance administrative configuration
Prepare the configuration to be replicated to the remote site CloudBridge Virtual WAN
device
Estimated time to complete this exercise: 30 Minutes
Virtual Machines Required For This Exercise
DC_CB_vWAN
citrix.com
11
Step by Step Guidance

Step
1.
Action
At this stage you should have logged into your lab by launching your ICA file through
Citrix Receiver (https://www.citrix.com/go/receiver.html) and automatically logged into
the Student Desktop. From here you have the ability to administer the entire hypervisor
environment by logging in via XenCenter using the provided admin/##### credentials
provided to you on the lab web portal. Also from the Student Desktop, you have ability
to connect to the management IP of all the instances in the environment, as well as
ability to connect to the Remote_Client workstation where connections can be initiated
to the DataCenter instances across the configured Virtual WAN solution. Please make
use of the provided topology (link provided in the Appendix) to better orientate yourself
with in the environment. Having the topology open throughout all the exercises below
will make for better understanding of the solution.
From the Student Desktop, first we are going to log on to XenCenter to start remaining
VMs that we will need for the following exercises. Then we will log into the Data Center
side CloudBridge Virtual WAN appliance and begin configuration.
2.
First, we are going to access the XenCenter administration tool.

On the Student Desktop, open XenCenter from Start > All Programs.
3.
citrix.com
Right click on the devcompute-001.ondemand.vtc node, and select the Connect

option.
12
Step
Action
4.
Log in using the XenServer credentials supplied via the lab web portal, make sure to
change the user name from root to admin and use the password listed in the web
portal.
5.
Once logged in, individually right click and select start for the MPLS_WANem and
INET_WANem VM.
citrix.com
13
Step
Action
6.
\Next,
open a new Firefox internet browser window. From the Student Desktop, doubleclick the Mozilla Firefox shortcut.
7.
In the bookmarks bar, click the Datacenter CB vWAN shortcut. Find the location of
this device in the lab network topology.
8.
If you get the This Connection is Untrusted in the browser, proceed by clicking the I
Understand the Risks option and Add Exception option to advance. Once on the CB
Virtual WAN login page, type use the following credentials and then click Login:
User Name: admin
Password: password
citrix.com
14
Step
Action
9.
Once logged on to the CB Virtual WAN appliance, you should see the System Status
window indicating the Virtual WAN Service is currently disabled.
10.
The first task we have to do is update the system data and time.
In the CB Virtual WAN interface, click Configuration in the top bar of the GUI.
11.
citrix.com
Then, navigate to System Maintenance > Date/Time Settings.
15
Step
Action
12.
In the Timezone Settings pane select any desired time zone specific to this appliance,
and then click the Change Timezone button. Verify the Date/Time after the updated
change. The Virtual WAN technology is highly dependent on accurate time/date
settings on the appliances. Make sure they are accurate and correct.
13.
Next, navigate to the Configuration > Appliance Setting > Licensing page and select
the Remote license radial button, then configure the IP address (10.0.76.37) and port
(27000) of the lab license server. Also select the 50Mbps license file from the Model
pull down menu (V50VW). Then click Apply Settings.
14.
The next administrative task we have to do is change the console of the CloudBridge
appliance to the Master Control Node console so that we can enable network-wide
VWAN configuration ability.
Navigate to Appliance Settings > Administrator Interface and click the
Miscellaneous tab.
citrix.com
16
Step
Action
In the Miscellaneous tab, click the Switch Console button to switch to the Master
Control Node (MCN) console.
15.
Then click OK to confirm the switch to the MCN Console.

NOTE: This will require the GUI to automatically reload in the browser window.
When back at the login screen, use the admin/password credentials to log on again.
16.
The options available in the Configuration tab are different between the appliance that is
enabled as Master Control Node and the appliances that are left default as Client node:
Only the MCN has ability to configure network changes, not only for itself but also for all
remote appliances
Client node only allows access to managing local administration processes and report
on flows local to the site
The Configuration Editor is only available after the head-end appliance is switched to MCN
mode, and is not available on Client nodes. By default, all appliances are shipped in client
mode and only one head-end appliance should be promoted to MCN.
citrix.com
17
Step
Action
17.
To keep the user interface from timing out on you while you build out the configuration
in this exercise, you can increase the default UI timeout setting. Navigate to
Configuration > Admistrator Interface > Miscellaneous, increase the default time to
something higher (ex. 9999) and click Change Timeout.
18.
Log back into the MCN with updated UI timeout, we can now start configuring the
Virtual WAN system.
From home screen, click the Configuration tab.
Then, navigate to Virtual WAN > Configuration Editor.
19.
citrix.com
Close the Configuration Editor help wizard when it appears or you can Tour the Editor
to get more familiar with the lay out.
18
Step
20.
Action
The Configuration Editor is where the configuration for all of the networking nodes for
both the local and remote sites of the Virtual WAN are configured.
Please reference the network topology as you build the configuration (Please find a
PDF link in the Appendix of this Lab Guide). First we will walk through building the
configuration for the Data Center CloudBridge network, then for the Remote Branch
network.
21.
First creat a new configuration file by clicking the New button
22.
Move the Network Map out of the way to give more room for the Configuration Editor
screen by clicking the move icon.
23.
Take a peak in the Virtual WAN Network Settings node. This is where Global Security
Settings are available. We will leave it default for this lab.
We will begin by creating out first site, then datacenter site where this MCN will reside.
On the Sites bar, click the Add button.
citrix.com
19
Step
Action
24.
In the Add Site window that appears, type DC_CB_vWAN in the Site Name field, provide an
Appliance Name (DC_VPX) and select CBVPX from the Model drop-down list box, and
leave the mode field default as Primary MCN. This VPX will be configured as the headend appliance. Click Add when complete.
25.
Under the new DC_CB_vWAN node, expand the Interface Groups node.
26.
The Interface Groups are the NIC cards (physical or virtual) available for the appliance
selected in the previous steps.
In the Interface Groups node, click the plus icon to add a new interface group.
citrix.com
20
Step
27.
Action
In the new interface group line that appears, select 1 and 2 from the Ethernet Interfaces
selector, and then select Fail-to-Block from the Bypass Mode drop-down list box. The
MPLS link is what we are configuring now and it is a private network, so we will select
Trusted from the Security drop-down list box.
Do not click Apply yet.
Note for a physical appliance you would select Fail-to-Wire. If the appliance should
fail due to power failure or software failure, this set bahavior is how the interfaces will
behave.
28.
Under Virtual Interfaces, click the plus icon to display more options.
29.
Next to Virtual Interfaces, click the plus icon to add a new virtual interface.
citrix.com
21
Step
30.
Action
Type DC_MPLS in the Name field.

31.
Next to Bridge Pairs, click the plus icon to add the association between bridge
interfaces 1 and 2 (note since this is a virtual applaince, there is no physical bridge
association).
32.
From the Interfaces drop down menus, select interfaces 1 <-and-> 2. Then click the
Apply button.
citrix.com
22
Step
Action
33.
Notice the attention/warning icon that appears to the right of the Interface Group you
just created. This is expected since we have not yet created a related virtual IP address
to work with this group. You will see these attention icons throughout the configuration
editor until the configuration is fully complete. Feel free to poke around to help get a
better understanding of the built-in inteligence of the Virtual WAN Configuration Editor.
Hovering your mouse curser over the attention icon will expose a pop up window with
more detail.
34.
We are going to repeat the above process for the second WAN Link to the CB Virtual
WAN appliance.
Click the plus icon next to Interface Groups again.
35.
In the new interface group line that appears, select only 3 from the Ethernet Interfaces
selector, and then select Fail-to-Block from the Bypass Mode drop-down list box. This
is a WAN Link that sits behind a Firewall so this will also be set as Trusted. If we
expose this interface directly to the internet, then selecting Untrusted would be
recommended.
citrix.com
23
Step
Action
36.
37.
38.
Type DC_INET in the Name field and then click Apply. Since we are only leverging one
interface for the second WAN link, we will not need to alter the Bridge Pair like we did
for the MPLS link.
citrix.com
24
Step
39.
Action
Now that we have the interface groups added to the appliance, we can add the virtual
IP addresses that will be used by those interface groups.
Keep in mind that Interface Groups have a lot of different configuration options, for
example in fail-to-wire appliances you may select interfaces 1 and 2 for the same
Interface Group and enable as Fail-to-Wire for that Interface Group.
Click the plus icon to the left of Virtual IP Addresses.
40.
In the Virtual IP Addresses node, click the plus icon to add a new virtual IP address.
41.
We are now going to leverage the network toplogy to enter the Virtual IP addresses
assigned to us by the network admin. Again, it is always best to lay out the topology,
obtain and pre-define the IP address to be used for the deployment before starting the
configuration process. Type 172.16.20.2/24 in the IP Address/Prefix field, select
DC_INET from the Virtual Interface drop-down list box, and then click Apply.
citrix.com
25
Step
Action
42.
Click the plus icon again in the Virtual IP Addresses node to add the second preassigned IP address.
43.
Type 172.16.10.2/24 in the IP Address/Prefix field, select DC_MPLS from the Virtual
Interface drop-down list box, and then click Apply.
44.
The next step is to add the individual WAN Links to the CloudBridge Virtual WAN
appliance.
Click the WAN Links node under the DC_CB_vWAN node.
citrix.com
26
Step
Action
45.
Next, click the plus icon next to WAN Links to add a WAN link.
46.
Type DC_INET in the Name field, leave the Access Type set to Public Internet and click
Add.
47.
In the Settings node, click the pencil icon to edit the settings.
citrix.com
27
Step
48.
Action
Under both LAN to WAN and WAN to LAN, set the Physical Rate to 6000, then click
Apply.
We will later enable the WAN emulator on this WAN Link to 6.1Mbps to represent our
Internet connection.
For production deployments, make sure to run SpeedTest or iPerf to obtain the true
speed of the link. If the physical rates are not configured properly, the Virtual WAN
technology will not function optimally.
Also take note of the Public IP Address field. In production deployment, the data
center appliance will need static Public IP addresses for all Public Internet links. This is
where that configuration is entered.
49.
citrix.com
Next, expand the Access Interfaces for that newly added DC_INET node.
28
Step
Action
50.
Click the plus icon to add a new access interface to the appliance.
51.
In the new line that appears, leave the Name at its default value, select DC_INET from
the Virtual Interface drop-down list box, and then type 172.16.20.2 in the IP Address
field and then type 172.16.20.1 in the Gateway IP Address field and click Apply.
Again, please reference the topology for IP address information.
52.
Next, we are going to repeat the same process to create the relationship between the
VIP and its Default Gateway for the other WAN link in the CB Virtual WAN appliance.
The MPLS WAN link.
Under WAN Links, click the plus icon.
53.
citrix.com
In the new window that appears, type DC_MPLS in the Name field, select Private Intranet
from the Access Type drop-down list box and click Add.
29
Step
Action
54.
55.
Apply.
Later, we will enable the second WAN emulator to represent a MPLS link at 1.5Mbps.
Again, it is important to configure the correct physical rate values that match the true
measured values in a production environment.
citrix.com
30
Step
Action
56.
Next, expand the Access Interfaces for the newly created DC_MPLS node.
57.
58.
In the new line that appears, leave the Name at its default value, select DC_MPLS from
the Virtual Interface drop-down list box, and then type 172.16.10.2 in the IP Address
field and then type 172.16.10.1 in the Gateway IP Address field.
Enable Proxy Arp, which will allow the appliance to response to ARP Requests to this
Gateway IP address on behalf of that gateway, in the event the Gatway is down or
unreachable. This allows the LAN network to continue sending traffic to their
configured gateway where the Virtual WAN techology can intercept and delivery across
other more available WAN links. Make sure to click Apply.
citrix.com
31
Step
59.
Action
The last part of configuring the datacenter-side of the Virtual WAN configuration is to
add the routes to the other internal networks. Static routes are needed so that the
CloudBridge Virtual WAN applaince knows what gateway to send traffic to in order to
reach the backend LAN networks.
Under the DC_CB_vWAN site, expand the Routes node.
60.
In the Routes node, click the plus icon to add a new route.
61.
In the new line that appears, type 172.16.11.0/24 in the Network IP Address field, type
172.16.10.254 in the Gateway IP Address field, and then click Apply.
This route informs the Virtual WAN appliance of the next-hop how to reach the Video
and FTP server subnets. Again, please reference the network toplogy for the IP
address information.
citrix.com
32
Step
62.
Action
Repeat this process for the 172.16.12.0 network.

In the Routes node, click the plus icon to add a new route.
63.
In the new line that appears, type 172.16.12.0/24 in the Network IP Address field, type
172.16.10.254 in the Gateway IP Address field, and then click Apply.
This route informs the appliances on how to reach the iPerf server.
64.
Take note that the next node is High Availability. In this lab we will not be configuring
HA, but note that this is location where to enable that.
65.
You can minimize the DC_CB_vWAN site in the GUI at this time. Notice, if the
configuration is correct, there will be no red warning icons in the Sites section at this
time.
Do not log out from the user interface Configuration Editor. The next section will be a
continuation of this exersise.
citrix.com
33
Exercise Summary
In this exercise, you set the system data/time and identified where to install a license file. Then
promoted the datacenter-side CloudBridge Virtual WAN VPX to a Master Control Node and
configured the datacenter-side Virtual WAN node using the Configuration Editor on the MCN.
citrix.com
34
Exercise 2: Remote CloudBridge Virtual WAN node

Configuration
Overview
The remote-side of the CloudBridge Virtual WAN will be configured next. The remote node of
the Virtual WAN is configured in the same location as were we configured the datacenter-side
CB Virtual WAN VPX. The configuration for the remote appliance will be pushed down to the
remote appliance in a later exercise.
Configure the remote CloudBridge Virtual WAN node
Prepare the configuration to be replicated down to the Remote CloudBridge Virtual WAN
appliance
DC_CB_vWAN
citrix.com
35

Step
Action
1.
While still logged on to the DC_CB_vWAN appliance, click the Add button in the Sites
bar.
2.
In the Add Site window, type Remote_CB_vWAN in the Name field, Remote_VPX for the
Appliance Name, and select CBVPX from the Model drop-down list box, leave all other
fields at their default values and click Add.
Since this is a remote office site configuration, the Mode is defaulted to client.
3.
citrix.com
Under the new DC_CB_vWAN node, expand the Interface Groups node.
36
Step
Action
4.
In the Interface Groups node, click the plus icon to add a new interface group.
5.
In building out this remote site node, we could deploy it similar to the data center node in
Inline Mode, but in this exercise we will run through a different deployment mode:
Gateway Mode. Gateway mode results in a network outage for that site if the Virtual
WAN appliances should crash or have a power failure. It is not recommended for
production unless the customer is okay to have outage for that particular site and has
the appropriate onsite resources to bring the site back up in the event of outage. This
deployment mode will become very important as Citrix expands on routing technology
and continues to expand the SD-WAN functionalities.
Again, reference the network topology for a better understanding of the deployment.
To begin Gateway Mode deployment for this remote node, first in the new interface
group line that appears, select 1 from the Ethernet Interfaces selector, and then select
Fail-to-Block from the Bypass Mode drop-down list box.
6.
citrix.com
37
Step
Action
7.
8.
Type Remote_MPLS in the Name field and then click Apply.

Take note that we are deploying inline, but we are only assigning one interface to the
MPLS WAN link.
9.
We are going to repeat this same process for the other two network connections to the
CB Virtual WAN appliance.
In the Interface Groups node, click the plus icon again to add a new interface group.
10.
In the new interface group line that appears, select 3 from the Ethernet Interfaces
selector, and then select Fail-to-Block from the Bypass Mode drop-down list box.
Note the order in which Inteface Groups are added does not matter.
citrix.com
38
Step
Action
11.
12.
13.
Type Remote_INET in the Name field and then click Apply.
14.
In the Interface Groups node, click the plus icon again to add a new interface group.
citrix.com
39
Step
15.
Action
In the new interface group line that appears, select 2 from the Ethernet Interfaces
selector, and then select Fail-to-Block from the Bypass Mode drop-down list box.
16.
17.
18.
Type Remote_LAN in the Name field and then click Apply.

The CloudBridge will use this interface to advertise the gateway IP address for all client
hosts located at this site.
citrix.com
40
Step
19.
Action
Now that we have the interface groups added to the appliance, we can add the virtual IP
addresses that will be used by those groups.
Click the plus icon to the left of Virtual IP Addresses.
20.
In the Virtual IP Addresses node, click the plus icon to add a new virtual IP address.
21.
Type 172.17.10.1/24 in the IP Address/Prefix field, then select Remote_LAN from the
Virtual Interface drop-down list box, and then click Apply.
citrix.com
41
Step
22.
Action
We are going to repeat this same process twice more for the other virtual IP addresses
we need to use for this lab.
Click the plus icon again in the Virtual IP Address node.
23.
Type 172.17.20.2/24 in the IP Address/Prefix field, then select Remote_INET from the
24.
Click the plus icon again in the Virtual IP Address node.
citrix.com
42
Step
Action
25.
Type 172.17.30.2/24 in the IP Address/Prefix field, then select Remote_MPLS from the
26.
The next step is to add the WAN links to the Remote-side of the Virtual WAN
configuration.
Click the WAN Links node under the Remote_CB_vWAN node.
citrix.com
43
Step
Action
27.
Next, click the plus icon next to WAN Links to add a WAN link.
28.
Type Remote_INET in the Name field, leave the Access Type set to Public Internet and
click Add.
29.
citrix.com
44
Step
30.
Action
Under both LAN to WAN and WAN to LAN, set the Physical Rate to 6000, and then click
Apply.
Note again that speeds configured should be configured accuratly to reflect less then the
true speeds of WAN link.
Note the Autodetect Public IP field. In a production environment, for the branch nodes
you would enable this option in use with Public Internet WAN. The data center node has
the static IPs defined in the Public IP Address, and all branch offices will be learned
dynamically using the auto-detect feature.
citrix.com
45
Step
Action
31.
Next, expand the Access Interfaces node.
32.
33.
In the new line that appears, leave the Name at its default value, select Remote_INET
from the Virtual Interface drop-down list box, type 172.17.20.2 in the IP Address field,
type 172.17.20.1 in the Gateway IP Address field, and then click Apply.
citrix.com
46
Step
34.
Action
Next, we are going to repeat the same process to create another WAN link in the CB
Virtual WAN appliance for the MPLS WAN link.
Under WAN Links, click the plus icon again.
35.
citrix.com
Type Remote_MPLS in the Name field, select Private Intranet from the Access Type dropdown list box, and then click Add.
47
Step
36.
citrix.com
Action
48
Step
Action
37.
Apply.
38.
Next, expand the Access Interfaces node.
39.
citrix.com
49
Step
40.
Action
In the new line that appears, leave the Name at its default value, select Remote_MPLS
from the Virtual Interface drop-down list box, type 172.17.30.2 in the IP Address field,
type 172.17.30.1 in the Gateway IP Address field, and then click Apply.
Note that we are not enabling Proxy Arp here. This is because this site is being
deployed in Gateway Mode, thus proxy arp is not applicable.
41.
You can minimize the Remote_CB_vWAN site in the GUI at this time.
You should not see any red warning icons on the Sites section of the Configuration
Editor. This indicates proper configuration.
Do not log out from the interface.
Exercise Summary
In this exercise, you configured the networking settings for the remote-side CloudBridge Virtual
WAN appliance on the Master Control Node Configuration Editor.
citrix.com
50
Exercise 3: Finalizing the Virtual WAN Configuration
Overview
Now that the datacenter and remote sites have been configured, they need to have the WAN
Path connection information configured so that they will communicate over the WAN link at each
site. The configuration also needs to be saved and exported for use on the Remote CloudBridge
VIRTUAL WAN appliance.

1. Configure the CloudBridge Virtual WAN path relationships
2. Save the Virtual WAN configuration
3. Export the configuration
DC_CB_vWAN
citrix.com
51

Step
Action
1.
While still logged on to the DC_CB_vWAN appliance, click the Connections bar.
2.
Expand the Remote_CB_vWAN node.
3.
Then expand the Virtual Paths node.
citrix.com
52
Step
Action
4.
Next, expand the DC_CB_vWAN-Remote_CB_vWAN node.
5.
Finally, expand the Paths node.
6.
In the Paths node, click the plus icon to add a new path.
As you can notice, the INET paths to and from each respective site has been
automatically set for you by the Configuration Editor. The MPLS paths are missing and
must be manually added. The Config Editor does not automatically create Private
Intranet link relationships, it only automatically creates Public Internet links.
citrix.com
53
Step
Action
7.
In the Add Path window, select Remote_CB_vWAN from the From Site drop-down list
box, then select Remote_MPLS from the From WAN Link drop-down list box and select
DC_MPLS from the To WAN Link drop-down list box, then make sure Reverse Also is
selected and click Add.
8.
The Paths node should look like this:

Two WAN Links (MPLS and INET) would result in four unique WAN Paths covering both
directions of flow. As an expample, if we had three WAN Links to work with, we would
expect six unique WAN Paths here.
You should also have zero (0) Audit alerts in the bottom-left corner of the screen.
Informing you of a clean configuration file with no detected issues.
If you still have Audit alerts, verify all of your settings to ensure they are correct.
citrix.com
54
Step
9.
Action
Now that the configuration is complete, it must be saved and then exported for use on
the remote-side CloudBridge Virtual WAN appliance.
Click the Save As button at the top of the Configuration Editor screen.
10.
Type Demo_Ex3 in the Package Name field, and then click Save.
Exercise Summary
In this exercise, you configured the CloudBridge Virtual WAN path relationships, and saved the
configuration file.
citrix.com
55

WAN Provisioning
citrix.com
56
Exercise 4: Provision the MCN Using the Saved

Configuration File
Overview
Now that the configuration file is fully complete and there are zero audit warnings, it is time to
apply this configuration first to the MCN and upload the latest software and then apply the
configuration to the remote branch in the next exercise.
Update the MCN with the saved configuration and upload the latest software
DC_CB_vWAN

Step
1.
Action
While still in the MCN Configuration Editor, we have to export the configuration.
Click the Export.button at the top of the Configuration Editor screen.
2.
Select Change Management Inbox from the Destination drop-down list box and then
click Export.
The Configuration File is now ready and waiting in the Change Management page for
provisioning.
citrix.com
57
3.
Navigate to Virtual WAN > Change Management to start the MCN provisioning
process.
4.
Click the Begin button to proceed after reviewing the Change Process Overview.
5.
Next to Upload software packages specific to the appliances selected when creating the
datacenter and remote branch in the configuration editor, click the Browse button.
citrix.com
58
6.
In the File Upload window that appears, navigate to the Documents > CB_vWAN >
vWAN Software, and then select the cb-vw_CBVPX_8.1.0.95.tar.gz file and then click
Open.
If this was a production deployment with phsycial appliances, you would browse and
upload individually each software package one at a time. Note that there will be a
unique file for each applaince; 4000-VW, 2000-VW,1000-VW, 400-VW. You only need
to upload the software package for the appliances in your network, in this lab we only
have CB VPX, so we will only upload the VPX software package.
7.
Click Upload.
citrix.com
59
8.
After the file is done uploading, the page will display Upload complete and the
Software box will populate with Model(s) CBVPX, click Next.
NOTE: If this was a production deployment, and CB4000-VW was used at the
datacenter and CB1000-VW was used at the branch office, both respective sotware files
would be required to be uploaded at this point.
The same process can be used in upgrading to the next release of software.
9.
In the Verification Results window that appears, verify that the results say The
Configuration is valid and then click Ok.
citrix.com
60
10.
In the License window that appears, check the box to accept the EULA and click Ok.
11.
On the Appliance Staging screen, click the Stage Appliances button.
12.
A progress bar will appear showing the transfer progress.
citrix.com
61
13.
When the transfer progress is complete, click the Next button.
14.
On the Activate screen, click the Activate Staged button to activate the changes that
have been made to this data center appliance.
15.
A warning box appears to let you know that the remote appliance has no running
configuration. Click OK to confirm that the package we created will be used for that
purpose.
citrix.com
62
16.
Now that the appliances have been activated, the configuration can now be activated.
Click the Activate Staged button.
17.
Click OK to switch the Active software/config to the one on the staged area.
18.
The appliance activates inside of a 120 second clock.
citrix.com
63
19.
When activation is completed, click the Done button.
You will be returned to the Dashboard screen.
20.
Now we can enable the Virtual WAN Service.

Click the Configuration tab at the top of the screen.
citrix.com
64
21.
Navigate to Virtual WAN > Enable/Disable/Purge Flows.
22.
Click the Enable button.
23.
Click OK to confirm enabling the service.
24.
You should see that the Virtual WAN Service is enabled at the top of the screen.
citrix.com
65
25.
Navigate back to the Change Management page (Configuration > Virtual WAN >
Change Management) and validate using the table at the bottom of the page that the
DC Site-Appliances is populated with Currently Active Software and Config.
Make note that the Remote_CB_vWAN-Appliance is listed as Not Connected. The

next exercise will walk you through addressing that.
Exercise Summary
In this exercise, you applied the configuration to the MCN, and also uploaded the needed
software packages specific to the data center and remote site appliance. You also enabled the
Virtual WAN Service for the MCN appliance.
citrix.com
66
Exercise 5: Applying the Configuration to the Remote

Appliance
Overview
We have saved and exported the configuration file to the MCN, and we have applied and
uploaded the needed software packages for the appliance in the Virtual WAN environment.
From the MCN Change Management you will now download the software and configuration
bundle that is intended for the remote site appliance and upload it manually. After this first time
manual procedure, subsequent software and configuration changes can be done through the
MCNs communication to remote branches over the Virtual Paths and the below steps can be
skipped.
Download and apply the Software/Configuration package to the remote CloudBridge

Virtual WAN appliance
Enable the Virtual WAN Service on the Remote CloudBridge appliances
DC_CB_vWAN
Remote_CB_vWAN
citrix.com
67

Step
Action
1.
While still logged on to the DC_CB_vWAN appliance, navigate to Virtual WAN >
Change Management.
2.
In the table at the bottom of this page, find the Remote_CB_cWAN-Applaince row, click
the active hyperlink at the right most column.
3.
Select Save File from the pop-up window and click OK.
4.
Now open a new tab, in the Firefox browser and click the Remote CB vWAN bookmark
to open the UI for the Remote CloudBridge Virtual WAN device.
citrix.com
68
Step
Action
5.
Log in with admin/password credentials.
6.
In the Timezone Settings pane select any desired time zone specific to this appliance,
and then click the Change Timezone button. Verify the Date/Time after the updated
change.
7.
Next, navigate to the Configuration > Appliance Setting > Licensing page and select
the Remote license radial button, then configure the IP address (10.0.76.37) and port
(27000) of the lab license server. Also select the desired license file to be pulled down
from the license server (V50VW). Then click Apply Settings.
citrix.com
69
Step
Action
8.
On the dashboard, click on the Local Change Management button. Which will navigate
you to the Configuration > System Mantenance > Local Change Management page.
9.
Click Browse and upload the previously saved Remote appliance software/configuration
package in the Downloads directory. Then click Open.
citrix.com
70
Step
Action
10.
Click the Upload button. After a successful upload, the UI will update with Upload
Complete.
11.
Click Next, after the Upload is complete
citrix.com
71
Step
12.
Action
Now that the appliances have been activated, the configuration can be activated.
Click the Activate Staged button.
13.
Click OK to switch the Active software/config to the one on the staged area.
14.
The appliance activates inside of a 120 second clock.
citrix.com
72
Step
15.
Action
When activation is completed, click the Done button.
You will be returned to the Dashboard screen.
16.
Now we can enable the Virtual WAN service.

Click the Configuration tab at the top of the screen.
citrix.com
73
Step
Action
17.
Navigate to Virtual WAN > Enable/Disable/Purge Flows.
18.
Click the Enable button.
19.
Click OK to confirm enabling the service.
20.
You should see that the Virtual WAN Service is enabled at the top of the screen.
citrix.com
74
Step
21.
Action
Switch to the Monitoring tab at the top of the screen, and you will see the Path State and
Virtual Path Service State showing GOOD for all links.
Exercise Summary
In this exercise, you downloaded the software and configuration package from the MCN and
manually uploaded it to the remote CloudBridge Virtual WAN device using its local user
interface. Enabled the service and validated proper Virtual Path communication between the
two CloudBridge Virtual WAN devices.
citrix.com
75

WAN Customization
citrix.com
76
Exercise 6: Customization of the Rules and Classes
Overview
Now that we have fully installed and configured a Virtual WAN environment consisting of a Data
Center MCN and one Remote Office Client node, we can now make some customization to the
default rules and classes to highlight key features of the solution in the subsequent exercises.
Edit the Configuration file to properly identify iPerf and Video Server traffic based on IP
and port
Push the new configuration using only the MCN to update both the MCN and Remote
CloudBridge
DC_CB_vWAN
Remote_Client
iPerf
citrix.com
77

Step
1.
Action
On the Student Desktop, navigate back to the MCN UI to make some changes to the
saved configuration file.
In the Firefox browser, click the Datacenter CB vWAN shortcut in the bookmark bar and
log in with admin/password credentials.
2.
Navigate to the MCN > Configuration > Virtual WAN > Configuration Editor page and
click Open button to open your saved config file.
3.
In the Configuration Editor, expand your saved config file to show the Connections
sections. Then navigate to the Default Sets > Virtual Path Default Sets.
citrix.com
78
Step
4.
Action
Click the plus (+) icon to add a new Virtual Path Default Set, which we can apply to all
VIRTUAL WAN nodes that we add to this environment.
Notice that the system will make available 17 classes for you, and class 10-16 will be
pre-populated and associated with Realtime, Interactive, and Bulk classes. With the
Interactive class configured even further to have QoS in place to separate the Interactive
class into sub-classes of High, Medium, Low and Very Low.
Click Apply to proceed.
citrix.com
79
Step
Action
5.
Expanding the Rules for this New_Virtual_Path_Default_Set, you can see that there are
no default rules in place.
6.
Further down in the Connections sections, you can expand the Application node to take
a look at the existing applications configured by default. Here we can also add custom
applications. Notice that IPERF is an application that is available by default on the
system.
citrix.com
80
Step
Action
7.
On the Applications section, create a new application by clicking the + icon.

the Close button.
Then click
8.
Then click on New_Application to rename it to VideoServer.
9.
Navigate back to the Default Set > Virtual Path Default Set >
New_Virtual_Path_Default_Sets > Classes and click the pen icon to edit our first
class.
citrix.com
81
Step
Action
10.
Navigate down the table and edit class_6, by renaming the class to class_6VideoServer and altering the Type to Interactive. Allocate 70 for both Initial Share %
and Sustained Share %.
11.
Next edit class_7 by renaming the class to class_1-iPerf and altering the Type to
Interactive. Allocate 20 for both Initial Share % and Sustained Share %.
Between Video and iPerf traffic, this QoS setting gives Video traffic a much larger share
of the bandwidth when contention occurs.
Please make sure to click the Apply button to save the QoS changes.
citrix.com
82
Step
12.
Action
Navigate back to the Default Set > Virtual Path Default Set >
New_Virtual_Path_Default_Sets > Rules and click the + icon to add a new custom
rule.
We will use these custom rules to filter both the IPerf and Video Sever traffic in order to
utilize these applications in subsequent exercises.
13.
In the table for the new custom rule, in the Application Name column select the
previously created VideoServer.
14.
In the new custom rule, for the IP Address Source column input the production/data path
IP address of the Video Server (172.16.10.22/32). Select Dest=Src to catch the traffic
in the reverse direction as well.
citrix.com
83
Step
Action
15.
In the new custom rule, for the Protocol select TCP and for the Port column input 80
since the Video Server is configured to deliver video over http://172.16.10.22:80. Select
Dest=Src to catch the traffic in the reverse direction as well.
16.
Click the + icon on this new rule to expand the node for additional configuration options.
17.
With the new custom rule expanded, we can now leverage the Initialize Properties
Using Protocol option to quickly have the system pre-populate the remaining of the
settings to the system expected configuration.
Lets make custom configuration changes, by Selecting Transmit Mode to be Persistent
Path. Please special note this location where the Tranmit Mode can be changed.
citrix.com
84
Step
18.
Action
Expand the LAN to WAN node of the current custom Video Server rule to properly make
the association between this rule and the Video Server class we configured in an earlier
step. From the General section, Class drop-down, select 6 (class_6-VideoServer).
Click the Apply button to save the new custom rule.

You may encounter a warning icon, for now please ignore we will be addressing that
later in this exercise.
19.
Run through the same process to create a rule for the iPerf traffic (IP 172.16.10.21/32
and TCP port 5001) and make the association between Iperf rule and Iperf class
7(class_7-iPerf). Make use of the Initialize Properties Using Protocol button to help
pre-populate some of the fields.
Click Apply to save the new custom rule.
citrix.com
85
Step
20.
Action
We will now apply the New_Virtual_Path_Default_Set to the Virtual Path Service of the
network.
Under the Connections section, expand the DC_CB_vWAN node. Continue expanding
with Virtual Paths > DC_CB_vWAN-Remote_CB_vWAN > Local Site > Basic
Settings.
21.
In the Basic Settings, click the pen icon to edit the Default Set field to select the
New_Virtual_Path_Default_Set option.
Apply the setting.
citrix.com
86
Step
22.
Action
Notice that the Remote office node also has the same default set update.
Connections > Remote_CB_vWAN > Virtual Paths > DC_CB_vWANRemote_CB_vWAN > Local Site > Basic Settings.
23.
At this point, Save As your new config file with file name Demo_Ex6.
24.
Export the saved config to the Change Management inbox.
citrix.com
87
Step
Action
25.
Navigate to the Configuration > Virtual WAN > Change Management page and run
through the Change Preparation, Appliance Staging, Activate Staged process.
26.
Make note that even the Remote CloudBridge device has been updated with the new
config, because it had already had a Virtual Path relationship with the MCN.
We can skip the step of downloading the active package and uploading it manually.
Exercise Summary
In this exercise, you took an existing active Virtual WAN environment and made rule and class
changes to the configuration and pushed it out to remote office using only the MCN.
citrix.com
88
Exercise 7: WAN Link Bonding/Aggregating Using iPerf
Overview
The lab environment comes provisioned with two WAN emulators that are used to show the
bonding (WAN link aggregation) ability of the CloudBridge Virtual WAN solution. One WAN
emulator will be configured as a 1.5 Mbps MPLS link, and the second WAN emulator as a 6
Mbps ADSL Internet link. We will start by setting the ADSL Internet link to 100% packet loss
which will bring down the link in the below exercise to show the before scenario without Virtual
WAN technology then we will bring it up with 0% loss with CloudBridge Virtual WAN to bond
multiple WAN Links and push a single application (ex. iPerf) across the bonded bandwidth of
the two WAN links.
Showcases the WAN bandwidth bonding ability of CloudBridge Virtual WAN for a single
flow
Remote_Client
iPerf
citrix.com
89

Step
1.
Action
From XenCenter tool, individually rick-click and start the following VMs:
Remote_Client, iPerf, and Video_FTP.
citrix.com
90
Step
Action
2.
Allow the VMs to fulling boot. You can monitor the progress from the console tab on
XenCenter.
3.
We are going to have to configure the WAN link speed and the latency on each of the
WAN emulators.
In the Firefox browser, open a new tab and click the INET WANem shortcut in the
bookmark bar.
Note that this WAN emulator has a short duration timeout of the user interface, and if left
running to long without interaction the UI will time out without any alert. Make sure your
changes have been accepted by clicking refresh on the browser.
4.
Next, click the Advanced Mode link in the toolbar.
5.
Leave the default value of eth1, and click Start.
citrix.com
91
Step
6.
Action
Since this is the Internet WAN link, we will want to set the bandwidth accordingly.
Next to Choose BW, select Standard ADSL Downstream - 6.144 Mbps from the dropdown list box, and then type 100 in the Loss (%) field, and then click Apply settings.
If you do not see the update, refresh your browser and try again.
7.
In the browser navigate back to the CloudBridge Virtual WAN UI and confirm the report
matches up with the 100% packet loss setting on the Internet WAN Emulator.
Open a new Firefox tab and select the Datacenter CB vWAN shortcut in the bookmark
bar. Log on using the admin/password credentials.
Navigate to the Monitoring > Virtual WAN > Statistics screen.
citrix.com
92
Step
Action
8.
Confirm that both the WAN Paths to and from the remote site on Internet are reported as
Dead. You may have to refresh the page to see the latest reported status.
9.
From XenCenter, select the Remote_Client VM, then select the Console tab at the top
of the window.
10.
Log on to the Remote Client using the following credentials:

User: CitrixAdmin
Password: Citrix456
citrix.com
93
Step
Action
11.
Click No, on the prompt asking to find PCs, devices, etc.
12.
jPerf 2.0.2 has been installed on the Remote_Client VM as a tool to help validate the
available WAN link speed between the remote site and the datacenter site.
Double-click the jperf shortcut to launch the application tool.
citrix.com
94
Step
13.
Action
In the jPerf application, first select the Server radio button and click the Run iPerf!
button to initiate the application as the server to start listening on port 5001. For more
information on Iperf please refer to the following website: https://iperf.fr/
Take note that the internal IP address of the Remote_Client VM is 172.17.10.10. You
can run ipconfig in a command prompt to identify this, also that that the client has a
management interface of 192.168.10.55. Route print command can help identify how
the traffic is being routed through this particular Windows VM that is configured with two
subnets.
14.
The Remote_Client VM also has the PuTTY application installed. PuTTY can be found
as a shortcut on the desktop of the Remote_Client. Launch PuTTY and connect to the
iPerf Linux VM located in the data center across the WAN emulators.
citrix.com
95
Step
15.
Action
Putty contains a saved session to the iPerf (172.16.10.21) server. Select the
root:password @ 172.16.10.21 (iPerf) saved session and click Open.
Click Yes, if you encounter a PuTTY Security Alert window.
16.
In the PuTTY window that opens, give it some time to log in, and when prompted type
password and press Enter.
The resulting screen should look like this:
citrix.com
96
Step
17.
Action
Within the putty session to the iPerf server, type the following command and press
Enter:
iperf -c 172.17.10.10 -t 6000 -i5 -w 10M
This will initiate an iPerf test to test bandwidth speed between sites. For more
information on iperf please visit: https://iperf.fr/iperf-doc.php
18.
The jPerf application on the Remote_Client VM will report the results of the bandwidth
test and should show close to a ~1.3Mbps result if everything is configured correctly.
Keep in mind that there is a 40 byte per packet overhead for the Virtual WAN
transportation protocol, and also note that iperf reports available bandwidth. Meaning if
there is any other traffic, like management traffic running across the same link iperf
results will be lower than expected. That is why we will not see the full 1.5 Mbps.
citrix.com
97
Step
19.
Action
Back on the Student Desktop, switch back to the open Firefox browser with the WANem
INET configuration window.
On the Internet WANem you can now change the 100% packet loss and replace it with
0% packet loss.
Type 0 in the Loss (%) field and then click the Apply settings button.
If you change tabs to the CB vWAN configuration utility, this should bring up the Dead
WAN paths on the Virtual WAN reporting to a Good state. Take note that the links first
transistions to a Bad or yellow state before it goes green. This is because Virtual WAN
does not commit traffic to any new path until it first tests and validates the link to make
sure its safe to commit for production traffic.
20.
Now that the Path State is Good, the resulting jPerf graph should update and show the
aggregation benefits with the CloudBridge Virtual WAN solution. The graph jumps from
~1.3Mbps to ~6.6Mbps of aggregated bandwidth between sites. This validates the path
aggregation ability for a single application flow. It also proves that the solution delivers
by the packet and doesnt just do path assignment.
citrix.com
98
Step
Action
21.
You can also navigate to the Monitoring > Flows page to get detailed information about
the connection and the current path that it is taking.
22.
Switch to the open PuTTY session, and press Ctrl+C to stop the iPerf test.
And on the jPerf application, click the Stop IPerf! button
Exercise Summary
In this exercise, you showcased a key feature of the Virtual WAN technology, by taking a single
TCP flow and allowing that flow to utilize two distinct WAN paths simultaneously for delivery.
citrix.com
99
Exercise 8: Solving Congestion using CloudBridge Virtual

WAN QoS
Overview
Similar to the previous exercise, you can run through the same exercise to first show a
bandwidth congestion issue with the single 1.5 Mbps MPLS link and the impact that has on
contenting applications, then enable the VIRTUAL WAN to augment the 1.5Mbps link with an
added 6.1 Mbps Internet link (100% to 0% Loss), which addresses the congestion issue by
adding bandwidth, and in turn improves the end-user experience with the applications.
Demonstrate the effectiveness of CloudBridge Virtual WAN for solving congestion issues
while watching video.
Remote_Client
iPerf
citrix.com
100

Step
1.
Action
First, we are going to return to the INET WANem configuration utility and change the
packet loss back to 100%.
Type 100 in the Loss (%) field and click Apply settings.
2.
Next, we are going to configure the MPLS WAN emulator with a bandwidth of about 1.5
Mbps with 0% packet loss.
Open a new Firefox tab and then click the MPLS WANem link in the bookmark toolbar.
citrix.com
101
Step
3.
Action
Click the Advanced Mode link, and then click Start.
Leave the default value of eth1 in the drop-down list box and click Start.
4.
Select T-1, DS-1 North America 1.544 Mbps from the Choose BW drop-down list box
and then click Apply settings.
citrix.com
102
Step
Action
5.
Switch to the CloudBridge vWAN tab in Firefox, and click Refresh on the Statistics
screen. You should see that the INET link is DEAD.
6.
Return to the Remote_Client VM Console tab in XenCenter.

In the open JPerf application screen, select Server and click the Run IPerf! button.
In the open PuTTY screen, press the arrow up key on your keyboard to recall the last
command and then press the Enter key.
7.
Switch to the open and running JPerf screen, and you should see a resulting throughput
of approximately 1.3 Mbps of throughput.
citrix.com
103
Step
8.
Action
Within the Remote_Client console, open a new Internet Explorer window (the
homepage should be a video player, if not type in the address http://172.16.10.22). This
video is sourced from the Video_FTP server on the backend of the datacenter. You
should position the Internet Explorer window to the side, because you want to view the
Video website and at the same time view the jPerf graph results. You may also need to
clear the cache by removing the ability to preserve website data in order to run this test.
IE Settings > Safety > Delete browsing history
Uncheck Preserve Favorites website data and select Temporary Internet files and
website files and Cookies and website data and click the Delete button. Then
restart the browser. Click the Play button to start the video, then watch the effect it has
on the iPerf graph. You should notice that Video is very slow to buffer due to limited 1.5
Mbps link available. And with the QoS policy in place, iperf will suffer as soon as the
video starts to stream data.
citrix.com
104
Step
9.
Action
As soon as the Video starts, the graph of the iPerf test should show the impact of
introducing the Video Stream. The Video Stream takes all the available bandwidth
causing the iPerf to utilize the remaining bandwidth left over. This illustrates how the
iPerf application (representing typical applications like CIFS, MAPI, FTP) suffers while
interactive traffic like Video takes precedence on the available WAN link.
If you don't see this behavior, make sure to clear the browser cache and try again.
10.
Enable the Virtual WAN solution to bond additional bandwidth to the existing 1.5Mbps
MPLS WAN link and showcase how this solution resolves the congestion issue
illustrated above.
Switch to the Firefox tab with the INET WANem configuration window open.
Type 0 in the Loss (%) field and then click Apply settings.
citrix.com
105
Step
11.
Action
Switch to the CloudBridge vWAN tab in Firefox, and then click the Refresh button on
the Statistics screen.
The state of the INET link should return to GOOD.
12.
Switch back to the Remote_Client VM Console and view the jPerf console.
The jPerf graph should update and show the aggregation benefits with the CloudBridge
Virtual WAN solution. The graph jumps to ~6.5Mbps of bandwidth available for the iPerf
traffic.
You should also notice an improved ability for the web browser to buffer the Video a lot
faster. Due to the nature of the simple Video Server in this demo, please do not
expect improved Video quality, there is no mechanism in place to change the
Video resolution based on available bandwidth.
Exercise Summary
In this exercise, you used QoS setting configured in a previous exercise to show how end user
experience is impacted during times of congestion, and then you unleashed the link aggregation feature
in Virtual WAN allowing all applications to freely use all the available bandwidth.
citrix.com
106

WAN Upgrade
citrix.com
107
Exercise 9: Upgrade Procedure
Overview
In this demonstration we walk through the upgrade procedure for the Virtual WAN environment.
With Virtual Path communication between appliances, upgrade and configuration changes are
easily pushed through the Virtual Path to all remote office appliances from the MCN.
Upgrade the Virtual WAN from 8.1 to 9.0 beta
Prep the WAN link configurations for the next exercise
DC_CB_vWAN
citrix.com
108

Step
Action
1.
First, open the MCN user interface.
2.
Navigate to the Configuration > Virtual WAN > Change Management page and click
Begin
3.
Navigate to the Configuration > Virtual WAN > Change Management page click the
Browse button.
citrix.com
109
Step
Action
4.
In the File Upload window, navigate to the \Documents\CBvWAN\vWAN-Software\VW

Upgrade directory and select the cb-vw_CBVPX_9.0.0.265.tar.gz file, then click the
Open button. Note, for production installations, you will need to download and upload
the files specific to appliances being used in the environment.
5.
Click the Upload button when the file has been selected.
citrix.com
110
Step
Action
6.
The status will update as Upload complete, and the uploaded model will be listed with
the corresponding software. Click Next to proceed.
7.
Click Ok to accept the Verification Results.
citrix.com
111
Step
Action
8.
Accept the license agreement and click Ok.
9.
Click Stage Appliances.
10.
Notice the table below to identify the state of the software upgrade for each appliance in
the Virtual WAN environment.
citrix.com
112
Step
Action
11.
Once the Appliance Staging is at 100%, click Next to proceed.
12.
C
Click
l
i
c
k
Activate Staged to flip to the prepped software from the current.
citrix.com
113
Step
13.
Action
A
After the two-minute activation process, click Done. The browser will refresh to the new
f
updated user interface. Log out and log back in if you encounter any browser cache
t
eissues.
r
t
h
e
14.
Y
You can now log
o
also updated the
u
into the Remote CloudBridge UI and validate that the above process
remote appliance in addition to head-end MCN appliance.
c
a
n
Exercise Summary
In this exercise, we uploaded and pushed out both configuration and software across the Virtual
WAN network to all Virtual WAN appliances from a single central location, the MCN.
citrix.com
114

WAN Virtual WAN Center
citrix.com
115
Exercise 10: Introduction to Virtual WAN Center
Overview
In this exercise we will introduce you to Virtual WAN Center, the central Analytics tool for the
Virtual WAN environment. Virtual WAN Center serves as a single pane of glass for Virtual WAN
management, WAN performance monitoring, and application monitoring.
Configure Virtual WAN Center to communicate with the Virtual WAN environment we
have built in the previous exercises.
Remote_Client
Virtual WAN
Center
citrix.com
116

Step
Action
1.
From XenCenter tool, individually rick-click and start the following VMs:
CB_vWAN_Center, DC_LAN_Router.
2.
Allow some time for the VM to boot. From the StudentDesktop, launch Firefox internet
browser. There should be a shortcut in the bookmark toolbar to launch the CB vWAN
Center user interface:
3.
Select I Understand the Risks for the Connection is Untrusted warning, and Add
Exception.
citrix.com
117
Step
Action
4.
Log in to Virtual WAN Center with the default credentials: admin/password
5.
Navigate to the following location to adjust the IP Address assignment.

Administration > Global Settings > Management Interface
In this exercise, we will not be changing the IP address of Virtual WAN Center, but now
you know where to find it.
6.
Navigate to the following location to adjust the system date and time.
Administration > Global Settings > TimeZone
Select the desired timezone location and click Apply.
citrix.com
118
Step
7.
Action
Now that the basic administrative work is complete, we will walk through the process of
adding the Virtual WAN appliances to Virtual WAN Center.
a) On the Virtual WAN Center user interface navigate to Configuration > Network
Discovery > SSL Certificates
b) Download HTTPS Certificate and save to local studentdesktop

8.
In the same Internet Browser open a new tab and navigate to the Datacenter CB vWAN
(MCN) user interface Configuration > Virtual WAN > Virtual WAN Certificates
Browse, Upload and Install the VWC HTTPS Certificate (VWCSSLCert.pem).
citrix.com
119
Step
Action
9.
Click Continue to accept the upload.
10.
Back on the Virtual WAN Center user interface, navigate to Configuration > Network
Discovery > Discovery Settings
citrix.com
120
Step
11.
Action
In the Virtual WAN Center Discovery Settings screen, run through the following to add
the MCN applaince:
a) Enter VWA MCN management IP address (192.168.10.20), and click Test, you
should encounter the following message This appliance is active MCN
b) Click Discover
c) Leave the default Polling Configuration settings and then click Apply
citrix.com
121
Step
12.
Action
Confirm the addition of all Virtual WAN environment appliances by navigating to the
Configuration > Network Discovery > Inventory and Status page.
Select the options for polling, and lick Apply.
13.
Since Virtual WAN Center provides a historical view of the Virtual WAN environemnt
instead of a real-time view, the Reporting page will take a few minutes before populating
with useful data. Note that the reporting provides views for the last Hour, Day, Week,
and Month.
Exercise Summary
In this exercise you were introduced to Virtual WAN Center, and setup communication with the
MCN to poll data from the entire Virtual WAN environment.
citrix.com
122
Exercise 11: Upgrade Virtual WAN Center
Overview
In this exercise we will run through the upgrade procedure for Virtual WAN Center.
Upgrade Virtual WAN Center.
Remote_Client
Virtual WAN
Center
citrix.com
123

Step
Action
1.
From the StudentDesktop, launch Firefox internet browser. In the bookmark toolbar
launch the CB vWAN Center user interface:
2.
N
Once logged in, navigate to Administration > Global Settings
a
tab. Click the Browse button to upload the latest software.
v
i
a
g
3.
IIn
n
> Software Upgrade
the upload window, browse to \Documents\CB vWAN\vWAN-Software\VW Center

Upgrade to located the latest Virtual WAN Center software (cb-vwc_9.0.0.265.tar.gz).
tClick the Open button to upload.
h
e
citrix.com
124
Step
Action
4.
C
Next,
l
i
c
k
click Upload and Install to begin the install.
5.
Accept the licensing agreement, then click Install.
6.
When the process completes, click Continue.
7.
You can confirm upgrade to the latest version from the upper right of the user interface.
Exercise Summary
In this exercise we upgraded Virtual WAN Center to the latest firmware.
citrix.com
125
Exercise 12: Use Virtual WAN Center to calculate MOS
Overview
In this example we will expand your knowledge of Virtual WAN Center (VWC) by introducing
how it can be used as a tool to track the Mean Opinion Score (MOS) of targeted applications.
Enable a test application to calculate the MOS score using Virtual WAN Center
Remote_Client
Virtual WAN
Center
citrix.com
126

Step
Action
1.
From the StudentDesktop, launch Firefox internet browser. In the bookmark toolbar
launch the CB vWAN Center user interface:
2.
Log in and navigate to Configuration > Network Configuration.

Note that you can run through the same Configuration Editor ability right here via the
VWC as if you were making the changes directly on the MCN.
3.
You can import the configuration from the MCN, by clicking the Import button. Then
select Active MCN from the Network drop down, and then click Import.
citrix.com
127
Step
Action
4.
The current running configuration will be imported from the MCN. Expand the
configuration window.
5.
Expand the Connections node.
6.
Expand the Applications node.
citrix.com
128
Step
Action
7.
Expand the VideoServer node and enable MOS, then click the Apply button.
8.
V
Validate that there is a rule in place to catch the VideoServer application flows. If
a
leveraging the default set, navigate to Default Set > Virtual Path Default Set >
l
iNew_Virtual_Path_Default_Set > Rules:
d
a
t
e
9.
From the VWC, Save As the new configuration with name Demo_Ex12, Export and run
through the Change Management to export the new configuration to the Virtual WAN
environment.
citrix.com
129
Step
10.
Action
R
Navigate
u
n
to Configuration > Change Management.
t
h
r
o
u
g
h
t
Click here to navigate to the MCN.
11.
This should forward you to the MCN UI to run through the Change Management
process, which you should already be familiar with from previous exercises.
Log in using admin/password credentials, and navigate to Configuration > Virtual
WAN > Change Management if you do not land on the Change Preparation screen.
Click Begin, and make sure Demo_Ex12 is the configuration is listed. Start the
Change Management process by clicking Next. Run through the entire Activate Staged
process until Done.
citrix.com
130
Step
Action
12.
After the configuration has been changed to Demo_Ex12, and the configuration has
been pushed to the Virtual WAN environment, you can now run the VideoServer traffic
flow from Remote_Client VM, as you have done in previous exercises. Make sure to
clear the browser history so that the port 80 connection stays active downloading the
video again.
13.
N
Navigate back to
a
button to see the
v
i
the MCN user interface, Monitoring > Flows and click the refresh
VideoServer application flow on port 80.
citrix.com
131
Step
14.
Action
N
Navigate back to the VWC user interface and navigate to Reporting > Applications
a
tab. You can view the Average and Lowest MOS score for each application that MOS
v
iwas enabled for in the configuration. With a historical capability of Virtual WAN Center,
dyou can now use this tool to obtain the default value of MOS per targeted application,
and then re-measure MOS after features like Packet Duplication are enabled. This
provides a numerical value to coincide with reported user experience improvements.
Note, the default polling interface for Virtual WAN Center is set to 5 mins, so there data
may take a few minutes to appear as deplayed in the report below.
15.
Navigate to the Configuration > Networking Discovery > Discovery Settings page to
identify where to reducing the polling interval, not that this setting cannot be set below 2
minutes. This is because the VWC is designed to report for historical data and not real
time. Real time data should be obtained directly form the appliance UI.
Exercise Summary
In this exercise you leverage Virtual WAN Center to identify the Mean Opinion Score of a
targeted application.
citrix.com
132
Module6: CloudBridge 9.0

Release
citrix.com
133
Exercise 13: Introduction to CloudBridge 9.0 Metered

Links
Overview
In this exercise we will introduce you to a new 9.0 feature that is applicable only for the Virtual
WAN and Enterprise Edition appliances. Where release 7.x firmware was specific for the
CloudBridge WAN Opt Edition, and 8.x firmware was specific for the Virtual WAN Edition, 9.x
firmware covers all available editions (WANopt, Virtual WAN, and Enterprise Edition).
Depending on the appliance or VPX that 9.0 is installed, the configuration, reporting, and new
features will be limited. For this exercise, we are utilizing the Virtual WAN VPX so some
components like WANopt will be non-existent.
Enable the Metered Links 9.0 feature on the Internet WAN link
DC_CB_vWAN
citrix.com
134

Step
1.
Action
From the StudentDesktop, launch Firefox internet browser. Click on the bookmark in
the toolbar to launch the Datacenter CB vWAN user interface, then log in with default
credentials (admin/password).
Note that we are going back to using the MCN for Configuration Editing. Because we
are using the tech preview build of 9.0, we are going back to the MCN Configuration for
the below 9.0 specific exercises.
2.
In the Configuration > Virtual WAN > Configuration Editor, Import your last saved
configuration file from the Change Management.
citrix.com
135
Step
3.
Action
Save the newly imported configuration (e.g. Demo_Ex13), then make further
configuration changes.
Navigate to the DC_CB_vWAN > WAN Links > DC_INET > Settings node and notice
that the WAN Links settings now has a new option called Metered Links, which was
introduced after the 9.0 upgrade.
Metered links adds business logic to conserve bandwidth on links that are billed based
on usage. With the metered links feature comes the capability to configure the links as
the Last Resort link, which disallows the usage of the link until all other non-metered
links are down or degraded. Set Last Resort is typically enabled when there are three
WAN Links to a site (i.e. MPLS, Broadband Interent, 4G/LTE) and one of the WAN links
is 4G/LTE and may be to costly for a business to allow usage unless it is absolutely
necessary.
citrix.com
136
Step
Action
4.
Click the pen icon to enable Metering for the DC_INET WAN link. Let us pretend that
this is a 4G/LTE link, which is charged based on $/Mbps of usage.
5.
After enabling the metered links capability, you will be allowed to provide a Data Cap in
MB, billing cycle, and starting date specific to this WAN link. Lets set some low values
so that we can more easily trigger these settings. Set the Data Cap to 1MB, Cycle to
Monthly and start data 03/01/2016, then click Apply.
citrix.com
137
Step
Action
6.
Save and Export the new configuration to the Change Management Inbox.
7.
Run through the Change Management process which you should already be familiar
with from previous exercises.
citrix.com
138
Step
8.
Action
A
After Activating the Staged appliances that have the new configuration changes running,
f
navigate to the Monitoring > Usage Reports page to get a report of usage on your
t
emetered link.
r
The top banner will be seen on every page alerting when threshold is reached at 50, 75,
90 and 100% usage (always updating with the latest).
The WAN Link Metering Report on the Usage Reports page provides mode granular
detail of usage.
One important note to point out, is that the configuration change is pushed though the
Virtual Paths, which has the INET WAN link enabled. This is why the usage shows
10Megs of usage, even though we only recently enabled this meter feature.
9.
A
Another key thing to notice is that if you navigate to the Monitoring > Statistics page,
n
you can see that the usage of the WAN Links is lowered compared to the other WAN
o
tlink (MPLS) even when there is no traffic going across and the system itself is forced to
hsend heartbeat packets between sites to determines the state (latency, loss, jitter) of the
e
rlinks in each direction.
Exercise Summary
In this exercise we introduced Metered Links and the reporting associated with the feature.
citrix.com
139
Exercise 14: Introduction to CloudBridge 9.0 IPsec

Protected Virtual Paths
Overview
Enable IPsec for secure data transmission across the Virtual Path between MCN and
Client node
DC_CB_vWAN
citrix.com
140

Step
Action
1.
credentials (admin/password):
2.
In the Configuration > Virtual WAN > Configuration Editor, open your last saved
configuration file.
citrix.com
141
Step
3.
Action
Under the Connections section, navigate to the Default Sets > Virtual Path Default
Sets node and edit the existing or add a new Virtual Path Default Set.
Notice that the Virtual Path Default Set now has a new IPsec Settings node.
IPsec is an enterprise grade, standards based encryption protocol, with the capability of
using multiple types of encryption algorithms as well as multiple algorithms to ensure
data integrity. IKEv2 is used for initial key negotiation and Security Association (SA)
establishment between two IKE Peers.
Virtual WAN provides a differentiated Virtual Path tunneling mechanism (patent pending)
that prevents the need for IPsec tunnel re-initiation even in the event of WAN Path
failure. The IPsec tunnel stays up as long as one WAN Links is up and functioning.
citrix.com
142
Step
4.
Action
Enable IPsec, by clicking the Secure Virtual Path User Data with IPsec checkbox. You
will be provided additional options to further configure the IPsec details.
Supported Encapsulation types: ESP, AH, and ESP+AH

Supported Encryption Modes: AES 128 and 256-Bit
Supported Hash Algorithms: SHA1 and SHA-256
Please select from the available drop down menus, then click Apply.
citrix.com
143
Step
5.
Action
You will need to apply the Virtual Path Default Set to the MCN node, which will
automatically apply the same default set to all Client nodes that have a Virtual Path to
the MCN
Note: The Configuration Editor allows different Virtual Path Default Sets with different
IPsec parameters for two separate Virtual Paths.
Navigate to the DC_CB_vWAN node, then select DC_CB_vWAN-Remote_CB_vWAN
> Local Site > Basic Settings.
Make sure New_Virtual_Path_Default_Set is properly selected for the Default Set.
citrix.com
144
Step
Action
6.
Save As (e.g. Demo_Ex14), then click Save.
7.
Export the new configuration to the Change Management Inbox.
citrix.com
145
Step
Action
8.
Make sure the latest saved exercise configuration is in the inbox, then run through the
Change Management process which you should already be familiar with from previous
exercises.
9.
Verify the new setting are in effect, by navigating to the Configuration > Virtual WAN >
View Configuration page, and select Virtual Path Service from the View dropdown
menu.
IPsec settings will show only when IPsec is properly enabled.
citrix.com
146
Step
Action
10.
On the Dashboard, you will also find the status of each Virtual Path and its own IPsec
tunnel status.
11.
Navigating to the Monitoring > Statistics page and selecting IPsec Tunnel from the
Show dropdown will display further detailed statistics about each IPsec tunnel, which will
include the Name, State, Packets Received, Packets Sent, etc
Exercise Summary
In this exercise we introduced the ability to enable IPsec protection of data on the Virtual Paths.
citrix.com
147
Exercise 15: Introduction to CloudBridge 9.0 Path State

Sensitivity Control
Overview
Enable Path State Sensitivity Control for known high loss WAN links
DC_CB_vWAN
citrix.com
148

Step
Action
1.
2.
configuration file.
citrix.com
149
Step
3.
Action
Under the Connections section, navigate to the Autopath Groups > Default_Group
node and click the pen icon to edit the Default_Group.
Here you will encounter the following options for Bad Loss Sensitive.
Bad Loss Sensitive is enabled by default, which allows the system to mark Paths as
BAD due to high loss and will incur a Path scoring penalty when compared to other
paths. There is an option to disable Bad Loss Sensitive, which may be useful when a
WAN Link is inherently poor quality and the loss of packets is expected, allowing the
system to continue using the WAN Path even in high loss conditions (i.e. skip the BAD
state). The last option is Custom, which is a new 9.0 feature which allows Path state
sensitivity control.
Select Custom from the Bad Loss Sensitive dropdown.
citrix.com
150
Step
4.
Action
There are additional parameters available in Default_Group that controls Path state
behavior:
Silence Period: Specify silence duration before a Path state transitions from
GOOD to BAD. When not specified, the default is 150ms.
Path Probation Period: Specify the wait time, or Path Probation Period, before
a Path transitions from BAD to GOOD. The default is 10 seconds.
Instability Sensitive: If enabled, latency penalties due to the Path being in a
BAD state and other latency spikes are considered in the Path scoring algorithm.
With Custom option being selected, users can further control the sensitivity with BAD
state % loss sensitivity within a timeframe, set the following for this exercise:
Percent Loss: 20
Over Time: 1000
Silence Period: 200
Path Probation Period: 10000
Instability Sensitive: enable
citrix.com
151
Step
Action
5.
Save As (e.g. Demo_Ex15).
6.
citrix.com
152
Step
Action
7.
Make sure the latest config (e.g. Demo_Ex16) is in the Inbox, then run through the
exercises.
8.
Once the configuration is pushed out, navigate to the WANem UI for the INET link to
initiate a high 50% loss on that link. Make sure to click Apply Settings.
If the browser has timed out, refresh the browser to make sure the settings have been
applied.
Make sure the WANem settings for the MPLS link are in a good state.
citrix.com
153
Step
9.
Action
To identify Reporting on the Path states, navigating to the Monitoring > Statistics
page, and select Paths (Advanced) from the View dropdown menu.
The Reason Column will provide detail as to path sate failure cause.
citrix.com
154
Step
10.
Action
Navigate to the Monitoring > Availability Reports for detailed time bound date for each
Path state, which includes such detail as total uptime, goodtime, badtime, or downtime.
Exercise Summary
In this exercise we introduced the ability to customize Path State sensitivity for known high loss
WAN links.
citrix.com
155
Exercise 16: Introduction to CloudBridge 9.0 MPLS

Queues
Overview
Enable MPLS QoS Queues to account for existing providers MPLS queues
DC_CB_vWAN
citrix.com
156

Step
Action
11.
12.
configuration file.
citrix.com
157
Step
13.
Action
Under the Sites section, navigate to the existing DC_MPLS WAN link for the
DC_CB_vWAN node.
citrix.com
158
Step
14.
Action
Expand the Settings node, then expand the Basic Settings.

From the Access Type drop down, change Private Intranet to MPLS Queues.
Enabling this for this particular WAN link, will allow customization of QoS queues within
an MPLS link and tagging of the outter UDP packet from CloudBridge, which can be
identified by MPLS providers to provide class of service.
citrix.com
159
Step
15.
Action
Click on Add to add one MPLS Queue.

Populate with the following.
MPLS Queue Name: VoIP_Queue
DSCP tag: ef
LAN to WAN Permitted Rate (kbps): 500
WAN to LAN Permitted Rate (kbps): 500
citrix.com
160
Step
16.
Action
Click on Add to add another MPLS Queue.

Populate with the following.
MPLS Queue Name: Default_Queue
DSCP tag: af11
Unmatched: enable
LAN to WAN Permitted Rate (kbps): 1000
WAN to LAN Permitted Rate (kbps): 1000
Having the Unmatched option ticked will allow DSCP tags not matched by other MPLS
queues will use this queue. Click Apply to save the changes.
citrix.com
161
Step
17.
Action
In the Config. Editor navigate to the Remote_MPLS WAN link for the
Remote_CB_vWAN node, and change the Remote_MPLS WAN link as Private MPLS
then create the same MPLS Queues with unique names.
citrix.com
162
Step
18.
Action
After Applying the new settings, under Connections navigate to DC_CB_vWAN >
Virtual Paths > DC_CB-vWAN-Remote_CB_vWAN > Paths.
The Paths we had configured initially between the MPLS links are no longer there. We
need to rebuild theses paths to reflect our desired MPLS queue paths.
citrix.com
163
Step
Action
19.
In Paths node, click the + icon to add a path, and select VoIP_Queue for DC_CB_vWAN
site to R_VoIP_Queue for the Remote_CB_vWAN site. Reverse Also should be
enabled. Then click Add.
20.
Perform the same operation, this time matching the Default_Queues.
citrix.com
164
Step
Action
21.
When complete, you should have 6 total WAN paths (which includes ingress and
egress), built using two WAN links (MPLS and INET), with MPLS being utilized as two
separate WAN link queues (ef, and default).
22.
Save As (e.g. Demo_Ex17).
citrix.com
165
Step
Action
23.
24.
Make sure the latest config (e.g. Demo_Ex17) is in the Inbox, then run through the
exercises.
citrix.com
166
Step
25.
Action
Navigate to the Monitoring > Statistics and select MPLS Queues from the show drop
down for detailed path usage for each MPLS queue.
Exercise Summary
In this exercise we introduced the ability to customize Path State sensitivity for known high loss
WAN links.
citrix.com
167
Lab Guide Appendices
citrix.com
168
Appendix A: Additional Resources and Information

Lab Infrastructure Diagram (PDF): https://citrix.sharefile.com/d-s0042c4e9b1d4acc9
CloudBridge Virtual WAN PBR Mode Deployment Steps: CTX201577
CloudBridge Virtual WAN Gateway Mode Deployment Steps: CTX201576
Path Dead on a Newly Installed WAN Link: CTX201618
Path Continuously Flipping between Good/Bad/Dead: CTX201619
citrix.com
169
Corporate Headquarters
Fort Lauderdale, FL, USA
India Development Center

Bangalore, India
Latin America Headquarters

Coral Gables, FL, USA
Silicon Valley Headquarters

Santa Clara, CA, USA
Online Division Headquarters

Santa Barbara, CA, USA
UK Development Center
Chalfont, United Kingdom
EMEA Headquarters
Schaffhausen, Switzerland
Pacific Headquarters
Hong Kong, China
About Citrix
Citrix (NASDAQ:CTXS) is a leader in mobile workspaces, providing virtualization, mobility management, networking and cloud services to enable new
ways to work better. Citrix solutions power business mobility through secure, personal workspaces that provide people with instant access to apps,
desktops, data and communications on any device, over any network and cloud. This year Citrix is celebrating 25 years of innovation, making IT
simpler and people more productive. With annual revenue in 2013 of $2.9 billion, Citrix solutions are in use at more than 330,000 organizations and by
over 100 million users globally. Learn more at www.citrix.com.
Copyright 2014 Citrix Systems, Inc. All rights reserved. [list Citrix trademarks (without or symbols!) in document] are trademarks of Citrix
Systems, Inc. and/or one of its subsidiaries, and may be registered in the U.S. and other countries. Other product and company names mentioned
herein may be trademarks of their respective companies.
citrix.com
170

CB Sd-Wan 1093

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

CB Sd-Wan 1093

Загружено:

Авторское право:

Доступные форматы

Citrix CloudBridge SD-WAN

Prepared by: Christopher Rudolph

New Lab Guide

SME Feedback Incorporated

GA 8.1 VPX w/ VIRTUAL

Inline Mode, additional

9.0 release exercises

Tech Preview CB 9.0

Training Overview ................................................................................................................. 4

Module1: CloudBridge Virtual WAN Configuration ................................................................. 9

Module2: CloudBridge Virtual WAN Provisioning ................................................................. 56

Module3: CloudBridge Virtual WAN Customization .............................................................. 76

Module4: CloudBridge Virtual WAN Upgrade ..................................................................... 107

Module5: CloudBridge Virtual WAN Virtual WAN Center ................................................... 115

Module6: CloudBridge 9.0 Release..................................................................................... 133

Lab Guide Appendices ....................................................................................................... 168

Lab Guide Conventions

Lab Environment Details

Domain Controller, DNS

Data Center CloudBridge VIRTUAL WAN VPX

Central Management for VIRTUAL WAN

Remote CloudBridge VIRTUAL WAN VPX

Windows 8.1 Professional

TCP Traffic Generator/Analyzer

Windows Server 2012 R2 | FileZilla Server

Windows 8.1 Professional | XenDesktop 7.6 VDA

Windows Server 2012 R2 | XenDesktop 7.6 Delivery

CloudBridge Virtual WAN

Virtual WAN Center

eth0: Private bond0

Get a closer look at the topology: https://citrix.sharefile.com/d-s0042c4e9b1d4acc9

WAN Optimization Solution

Module1: CloudBridge Virtual

Exercise 1: Datacenter CloudBridge Virtual WAN

In this exercise you will:

Estimated time to complete this exercise: 30 Minutes

Virtual Machines Required For This Exercise

Step by Step Guidance

First, we are going to access the XenCenter administration tool.

Right click on the devcompute-001.ondemand.vtc node, and select the Connect

Then, navigate to System Maintenance > Date/Time Settings.

Then click OK to confirm the switch to the MCN Console.

Then, navigate to Virtual WAN > Configuration Editor.

First creat a new configuration file by clicking the New button

Type DC_MPLS in the Name field.

Repeat this process for the 172.16.12.0 network.

Exercise 2: Remote CloudBridge Virtual WAN node

In this exercise you will:

Configure the remote CloudBridge Virtual WAN node

Estimated time to complete this exercise: 20 Minutes

Virtual Machines Required For This Exercise

Step by Step Guidance

Type Remote_MPLS in the Name field and then click Apply.

Type Remote_INET in the Name field and then click Apply.

Type Remote_LAN in the Name field and then click Apply.

Click the plus icon again in the Virtual IP Address node.

Next, expand the Access Interfaces node.

Next, expand the Access Interfaces node.

Exercise 3: Finalizing the Virtual WAN Configuration

In this exercise you will:

Estimated time to complete this exercise: 15 Minutes

Virtual Machines Required For This Exercise

Step by Step Guidance